The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#11
|
||||
|
||||
if the hacker somehow got the chance to include your precious config.php file, there's something completely wrong nontheless. But then again, this is just fighting against phantoms and has no real security value. A colorful image file reading "please do not hack my server, k?" would have the same effect. But if it makes you sleep better...
|
#12
|
|||
|
|||
thank you...
|
#13
|
|||
|
|||
This as you said can help you protect from the want to be hackers. The hackers who think they are good. I will use this since my forums will be small and hackers won`t try to hack it unless there desperate.
|
#14
|
||||
|
||||
Quote:
And remembering some VB bugs (like the FAQ one revealing the DB info) - then it doesn't matter where this file is because VB needs it to work at all. Quote:
For readable files like configurations, there's for the webserver absolutely no difference having them placed in the "includes" directory and set that via "Deny from all" to only allow local access or moving them somewhere into a directory that has the same restrictions (like /etc). It's maybe a bit more userfriendly to setup the "includes" directory to disallow access because you don't need to edit VB core files. And - for the worst case - if it happens that VB has some kind of LFI or info revealing bug - then it doesn't matter where this file is. |
Благодарность от: | ||
Disasterpiece |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|